Answer: CD
Explanation:
Internet Key Exchange (IKE) negotiates the IPSec security associations (SAs). This process requires that the IPSec systems first authenticate themselves to each other and establish ISAKMP (IKE) shared keys.
1. In phase 1 of this process, IKE creates an authenticated, secure channel between the two IKE peers, called the IKE security association. The Diffie-Hellman key agreement is always performed in this phase.
2. In phase 2, IKE negotiates the IPSec security associations and generates the required key material for IPSec. The sender offers one or more transform sets that are used to specify an allowed combination of transforms with their respective settings. The sender also indicates the data flow to which the transform set is to be applied. The sender must offer at least one transform set. The receiver then sends back a single transform set, which indicates the mutually agreed-upon transforms and algorithms for this particular IPSec session.

QUESTION 42
Hotspot
For each of the following statements, select Yes if the statement is true. Otherwise, select No. Each correct selection is worth one point.

Answer:
Explanation:
Since the leftmost three bits are reserved as “001” for Global unicast IPv6 addresses, the range of Global Unicast Addresses available now are from 2000 to 3FFF. 21DA is a global unicast prefix.

QUESTION 43
Hotspot
You are trying to access a music sharing service on the Internet. The service is located at the IP address 173.194.75.105. You are experiencing problems connecting. You run a trace route to the server and receive the output shown in the following image:
Use the drop-down menus to select the answer choice that completes each statement. Each correct selection is worth one point.

Answer:
Explanation:
– Traceroute (tracert) outputs the list of traversed routers in simple text format, together with timing information.
– How is it possible for traceroute to timeout, yet the site will load fine in a browser? If a router along the way decides to not send the ICMP error message, you will get a timeout at that point in the traceroute. The router may pass on normal traffic, thus allowing your TCP-based http request to complete, but it may silently drop ICMP requests or errors, leaving your local traceroute process waiting and then timing out on that stop.

QUESTION 44
Hotspot
For each of the following statements, select Yes if the statement is true. Otherwise, select No. Each correct selection is worth one point.

Answer:
Explanation:
Sometimes you will want to create a tunnel without encryption. The IPSEC protocols provide two ways to do this.

QUESTION 45
Drag and Drop
Match each IP address to its corresponding IPv4 address class. To answer, drag the appropriate IP address from the column on the left to its IPv4 address class on the right. Each IP address may be used once, more than once, or not at all. Each correct match is worth one point.

Answer: A
Explanation:
DNS zone transfer, also sometimes known by the inducing DNS query type AXFR, is a type of DNS transaction. It is one of the many mechanisms available for administrators to replicate DNS databases across a set of DNS servers.

QUESTION 47
You work at a coffee shop. Your supervisor asks you to help set up a computer network. The network needs to have the following items:
– A public facing web server
– A Wi-Fi network for customers
– A private network for the point of sale terminals An office PC
– A file/print server
– A network printer
You need to set up a perimeter network to protect the network. Which two items should you include in the perimeter network? (Choose two.)

Answer: AB
Explanation:
Put the web server and the network printer on the perimeter network. The file server, wifi-network, and the Point of sale terminals should not be accessible from the internet.
Note:
A network perimeter is the boundary between the private and locally managed-and-owned side of a network and the public and usually provider-managed side of a network.

QUESTION 48
Drag and Drop
Match the networking topologies to their corresponding characteristics. To answer, drag the appropriate topology from the column on the left to its characteristic on the right. Each topology may be used once, more than once, or not at all. Each correct match is worth one point.

Answer:

QUESTION 49
Which two features of a Windows Server 2008 R2 server should you install to use that server as a software router? (Choose two.)

Answer: AB
Explanation:
To install the Routing and Remote Access service:
– In the Server Manager main window, under Roles Summary, click Add roles.
– In the Initial Configuration Tasks window, under Customize This Server, click Add roles.
1. In the Add Roles Wizard, click Next.
2. In the list of server roles, select Network Policy and Access Services. Click Next twice.
3. In the list of role services, select Routing and Remote Access Services to select all of the role services. You can also select individual server roles.
4. Proceed through the steps in the Add Roles Wizard to complete the installation.

QUESTION 50
What are two characteristics of fiber optic cable? (Choose two.)

Answer: CD
Explanation:
C: A mechanical splice is a junction of two or more optical fibers that are aligned and held in place by a self- contained assembly (usually the size of a large carpenter’s nail). The fibers are not permanently joined, just precisely held together so that light can pass from one to another.
D: Modern connectors typically use a “physical contact” polish on the fiber and ferrule end. This is a slightly convex surface with the apex of the curve accurately centered on the fiber, so that when the connectors are mated the fiber cores come into direct contact with one another.
Note:
Optical fiber connectors are used to join optical fibers where a connect/disconnect capability is required. Due to the polishing and tuning procedures that may be incorporated into optical connector manufacturing, connectors are generally assembled onto optical fiber in a supplier’s manufacturing facility.

QUESTION 51
Hotspot
Identify the network cable type and connector in the following graphic:
Use the drop-down menus to select the answer choice that answers each question. Each correct selection is worth one point.

Answer:
Explanation:
This is an RJ45 ethernet cable.

QUESTION 52
Which Microsoft network service can you use to establish a connection to a corporate LAN without any user action?

A. VPN
B. Remote Desktop
C. DirectAccess
D. Nap

Answer: C
Explanation:
DirectAccess allows remote users to securely access internal network file shares, Web sites, and applications without connecting to a virtual private network (VPN). An internal network is also known as a private network or intranet. DirectAccess establishes bi-directional connectivity with an internal network every time a DirectAccess-enabled computer connects to the Internet, even before the user logs on. Users never have to think about connecting to the internal network and IT administrators can manage remote computers outside the office, even when the computers are not connected to the VPN.

QUESTION 53
Hotspot
For each of the following statements, select Yes if the statement is true. Otherwise, select No. Each correct selection is worth one point.

Answer:
Explanation:
– With a recursive name query , the DNS client requires that the DNS server respond to the client with either the requested resource record or an error message stating that the record or domain name does not exist. The DNS server cannot just refer the DNS client to a different DNS server.
– An iterative name query is one in which a DNS client allows the DNS server to return the best answer it can give based on its cache or zone data. If the queried DNS server does not have an exact match for the queried name, the best possible information it can return is a referral (that is, a pointer to a DNS server authoritative for a lower level of the domain namespace). The DNS client can then query the DNS server for which it obtained a referral. It continues this process until it locates a DNS server that is authoritative for the queried name, or until an error or time-out condition is met.
Example:

QUESTION 54
Drag and Drop
Match the IPv4 address type to the corresponding definition. To answer, drag the appropriate definition from the column on the left to the address type on the right. Each definition may be used once, more than once, or not at all. Each correct match is worth one point.

Answer:
Explanation:
– Multicast: it is communication between a single sender and multiple receivers on a network.
– Broadcast: Broadcasting sends a message to everyone on the network.
– Unicast: it is a one-to one connection between the client and the server.

QUESTION 55
This question requires that you evaluate the underlined text to determine if it is correct. Select the correct answer if the underlined text does not make the statement correct. Select ‘No change is needed” if the underlined text makes the statement correct.
A secondary zone is the first DNS zone to which all updates for the records that belong to that zone are written.

Answer: A
Explanation:
When a zone that this DNS server hosts is a primary zone, the DNS server is the primary source for information about this zone, and it stores the master copy of zone data in a local file or in AD DS.

QUESTION 56
Hotspot
For each of the following statements, select Yes if the statement is true. Otherwise, select No. Each correct selection is worth one point.

Answer:
Explanation:
– TRACERT prints out an ordered list of the routers in the path that returned the ICMP Time Exceeded message.
– Ping, not tracert, determines packet loss.
– Tracert just displays the path to the target, not all connections.
– The TRACERT diagnostic utility determines the route taken to a destination by sending Internet Control Message Protocol (ICMP) echo packets with varying IP Time-To-Live (TTL) values to the destination. Each router along the path is required to decrement the TTL on a packet by at least 1 before forwarding it, so the TTL is effectively a hop count. When the TTL on a packet reaches 0, the router should send an ICMP Time Exceeded message back to the source computer.

QUESTION 57
You are setting up a network computer game. You need to open up ports on your firewall so your friends can join the network. Which command displays the ports that your computer is listening for?

A. nslookup
B. nbtstat
C. ping
D. netstat

Answer: D
Explanation:
Netstat (network statistics) is a command-line tool that displays network connections for the Transmission Control Protocol (both incoming and outgoing), routing tables, and a number of network interface (network interface controller or software-defined network interface) and network protocol statistics.
Incorrect:
Not A: nslookup is used for DNS troubleshooting.
Not B: nbtstat is designed to help troubleshoot NetBIOS name resolution problems.
Not C: ping is used to troubleshoot network connectivity.

QUESTION 58
Drag and Drop
Match the TCP ports to the corresponding service. To answer, drag the appropriate port number from the column on the left to its service on the right. Each port number may be used once, more than once, or not at all. Each correct match is worth one point.

Answer:

QUESTION 59
Hotspot
For each of the following statements, select Yes if the statement is true. Otherwise, select No. Each correct selection is worth one point.

Answer:
Explanation:
– The localhost (loopback) address, 0:0:0:0:0:0:0:1, and the IPv6 unspecified address, 0:0:0:0:0:0:0:0, are reduced to ::1 and ::, respectively.
– A unique local address (ULA) is an IPv6 address in the block fc00::/7, defined in RFC 4193. It is the approximate IPv6 counterpart of the IPv4 private address.
– Link-local addresses for IPv4 are defined in the address block 169.254.0.0/16, in CIDR notation. In IPv6, they are assigned with the fe80::/10 prefix.

QUESTION 60
This question requires that you evaluate the underlined text to determine if it is correct. Select the correct answer if the underlined text does not make the statement correct. Select ‘No change is needed” if the underlined text makes the statement correct.
When a client computer is unable to reach a DHCP server, it will automatically assign an IP address in the 10.0.0.0 -10.0.0.255 range.